+1 212 318 2000
Europe, Middle East, & Africa
+44 20 7330 7500
+65 6212 1000
Sept. 25 -- The drafting of a voluntary U.S. cybersecurity framework for the private sector is "essentially complete," National Institute of Standards and Technology Director Patrick Gallagher said Sept. 25.
"We are at the end, but we're only at the end of the beginning," Gallagher said at a cybersecurity summit in Washington. "Now we are really focused on taking what has been a remarkable effort and translating and driving it into practice. And for me, the litmus test of success is going to be the extent to which this framework becomes integrated with the way we operate."
The summit was sponsored by Billington Cybersecurity, a division of the Cyber Education Institute LLC, based in Chevy Chase, Md.
Under an executive order signed by President Barack Obama earlier this year, NIST must release a draft framework for public comment next month and publish a final version by February 2014 . NIST released a preliminary draft framework for discussion at a Dallas workshop in September .
Gallagher indicated that he expected the agency to meet its October deadline. "The NIST team has completed their work reflecting the last input from the Dallas workshop, and it will shortly go into a clearance process in time for a release that's called for in the executive order," he said.
Although the voluntary framework is primarily designed for owners and operators of U.S. "critical infrastructure" and their partners, it is expected to benefit a broader array of organizations across the private sector that are facing cybersecurity challenges, according to NIST, a division of the Department of Commerce.
The White House Aug. 6 unveiled preliminary recommendations from the Departments of Commerce, Homeland Security, and Treasury on incentives that can be used to encourage industry adoption of the framework .
The DHS is expected to coordinate the development of a program with incentives to promote the framework, once it has been finalized. In addition, regulatory agencies must review existing cybersecurity mandates to determine whether they are adequate in light of the framework.
By Alexei Alexis
To contact the reporter on this story: Alexei Alexis in Washington at aalexis @bna.com
To contact the editor responsible for this story: Heather Rothman at email@example.com
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).